projects / discourse_docker.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
remove uneeded env vars
[discourse_docker.git] / templates / web.template.yml
1 env:
2 # You can have redis on a different box
3 RAILS_ENV: 'production'
4 UNICORN_WORKERS: 3
5 UNICORN_SIDEKIQS: 1
6 # this gives us very good cache coverage, 96 -> 99
7 # in practice it is 1-2% perf improvement
8 RUBY_GLOBAL_METHOD_CACHE_SIZE: 131072
9
10 DISCOURSE_DB_SOCKET: /var/run/postgresql
11 DISCOURSE_DB_HOST:
12 DISCOURSE_DB_PORT:
13
14
15 params:
16 # SSH key is required for remote access into the container
17 version: tests-passed
18
19 home: /var/www/discourse
20 upload_size: 10m
21
22 run:
23 # see: https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588
24 - replace:
25 filename: /usr/local/etc/ImageMagick-6/policy.xml
26 from: "<policymap>"
27 to: |
28 <policymap>
29 <policy domain="coder" rights="none" pattern="EPHEMERAL" />
30 <policy domain="coder" rights="none" pattern="URL" />
31 <policy domain="coder" rights="none" pattern="HTTPS" />
32 <policy domain="coder" rights="none" pattern="MVG" />
33 <policy domain="coder" rights="none" pattern="MSL" />
34 <policy domain="coder" rights="none" pattern="TEXT" />
35 <policy domain="coder" rights="none" pattern="SHOW" />
36 <policy domain="coder" rights="none" pattern="WIN" />
37 <policy domain="coder" rights="none" pattern="PLT" />
38
39 - exec: /usr/local/bin/ruby -e 'if ENV["DISCOURSE_SMTP_ADDRESS"] == "smtp.example.com"; puts "Aborting! Mail is not configured!"; exit 1; end'
40 - exec: /usr/local/bin/ruby -e 'if ENV["DISCOURSE_HOSTNAME"] == "discourse.example.com"; puts "Aborting! Domain is not configured!"; exit 1; end'
41 - exec: chown -R discourse /home/discourse
42 - file:
43 path: /etc/runit/1.d/copy-env
44 chmod: "+x"
45 contents: |
46 #!/bin/bash
47 env > ~/boot_env
48 conf=/var/www/discourse/config/discourse.conf
49
50 # find DISCOURSE_ env vars, strip the leader, lowercase the key
51 /usr/local/bin/ruby -e 'ENV.each{|k,v| puts "#{$1.downcase} = #{v}" if k =~ /^DISCOURSE_(.*)/}' > $conf
52
53 - file:
54 path: /etc/runit/1.d/ensure-web-nginx-read
55 chmod: "+x"
56 contents: |
57 #!/bin/bash
58 mkdir -p /var/log/nginx
59 chgrp -R www-data /var/log/nginx
60 chgrp www-data /var/log/nginx
61
62 - file:
63 path: /etc/service/unicorn/run
64 chmod: "+x"
65 contents: |
66 #!/bin/bash
67 exec 2>&1
68 # redis
69 # postgres
70 cd $home
71 chown -R discourse:www-data /shared/log/rails
72 LD_PRELOAD=/usr/lib/libjemalloc.so.1 HOME=/home/discourse USER=discourse exec chpst -u discourse:www-data -U discourse:www-data bundle exec config/unicorn_launcher -E production -c config/unicorn.conf.rb
73
74 - file:
75 path: /etc/service/nginx/run
76 chmod: "+x"
77 contents: |
78 #!/bin/sh
79 exec 2>&1
80 exec /usr/sbin/nginx
81
82 - file:
83 path: /etc/runit/3.d/01-nginx
84 chmod: "+x"
85 contents: |
86 #!/bin/bash
87 sv stop nginx
88
89 - file:
90 path: /etc/runit/3.d/02-unicorn
91 chmod: "+x"
92 contents: |
93 #!/bin/bash
94 sv stop unicorn
95
96 - exec:
97 cd: $home
98 hook: code
99 cmd:
100 - git reset --hard
101 - git clean -f
102 - git remote set-branches --add origin master
103 - git pull
104 - git fetch origin $version
105 - git checkout $version
106 - mkdir -p tmp/pids
107 - mkdir -p tmp/sockets
108 - touch tmp/.gitkeep
109 - mkdir -p /shared/log/rails
110 - bash -c "touch -a /shared/log/rails/{production,production_errors,unicorn.stdout,unicorn.stderr}.log"
111 - bash -c "ln -s /shared/log/rails/{production,production_errors,unicorn.stdout,unicorn.stderr}.log $home/log"
112 - bash -c "mkdir -p /shared/{uploads,backups}"
113 - bash -c "ln -s /shared/{uploads,backups} $home/public"
114 - chown -R discourse:www-data /shared/log/rails /shared/uploads /shared/backups
115
116 - exec:
117 cmd:
118 - "cp $home/config/nginx.sample.conf /etc/nginx/conf.d/discourse.conf"
119 - "rm /etc/nginx/sites-enabled/default"
120 - "mkdir -p /var/nginx/cache"
121
122 - replace:
123 filename: /etc/nginx/nginx.conf
124 from: pid /run/nginx.pid;
125 to: daemon off;
126
127 - replace:
128 filename: "/etc/nginx/conf.d/discourse.conf"
129 from: /upstream[^\}]+\}/m
130 to: "upstream discourse {
131 server 127.0.0.1:3000;
132 }"
133
134 - replace:
135 filename: "/etc/nginx/conf.d/discourse.conf"
136 from: /server_name.+$/
137 to: server_name _ ;
138
139 - replace:
140 filename: "/etc/nginx/conf.d/discourse.conf"
141 from: /client_max_body_size.+$/
142 to: client_max_body_size $upload_size ;
143
144 - exec:
145 cmd: echo "done configuring web"
146 hook: web_config
147
148 - exec:
149 cd: $home
150 hook: web
151 cmd:
152 # ensure we are on latest bundler
153 - gem update bundler
154 - chown -R discourse $home
155
156 - exec:
157 cd: $home
158 hook: bundle_exec
159 cmd:
160 - su discourse -c 'bundle install --deployment --verbose --without test --without development'
161 - su discourse -c 'bundle exec rake db:migrate'
162 - su discourse -c 'bundle exec rake assets:precompile'
163
164 - file:
165 path: /usr/local/bin/discourse
166 chmod: +x
167 contents: |
168 #!/bin/bash
169 (cd /var/www/discourse && RAILS_ENV=production sudo -H -E -u discourse bundle exec script/discourse "$@")
170
171 - file:
172 path: /usr/local/bin/rails
173 chmod: +x
174 contents: |
175 #!/bin/bash
176 # If they requested a console, load pry instead
177 if [ "$*" == "c" -o "$*" == "console" ]
178 then
179 (cd /var/www/discourse && RAILS_ENV=production sudo -H -E -u discourse bundle exec pry -r ./config/environment)
180 else
181 (cd /var/www/discourse && RAILS_ENV=production sudo -H -E -u discourse bundle exec script/rails "$@")
182 fi
183
184 - file:
185 path: /usr/local/bin/rake
186 chmod: +x
187 contents: |
188 #!/bin/bash
189 (cd /var/www/discourse && RAILS_ENV=production sudo -H -E -u discourse bundle exec bin/rake "$@")
190
191 - file:
192 path: /etc/update-motd.d/10-web
193 chmod: +x
194 contents: |
195 #!/bin/bash
196 echo
197 echo Use: rails, rake or discourse to execute commands in production
198 echo
199
200 - file:
201 path: /etc/logrotate.d/rails
202 contents: |
203 /shared/log/rails/*.log
204 {
205 rotate 14
206 dateext
207 daily
208 missingok
209 notifempty
210 delaycompress
211 compress
212 postrotate
213 sv 1 unicorn
214 endscript
215 }
216
217 - file:
218 path: /etc/logrotate.d/nginx
219 contents: |
220 /var/log/nginx/*.log {
221 daily
222 missingok
223 rotate 14
224 compress
225 delaycompress
226 notifempty
227 create 0640 www-data www-data
228 sharedscripts
229 postrotate
230 sv 1 nginx
231 endscript
232 }
233
234 # move state out of the container this fancy is done to support rapid rebuilds of containers,
235 # we store anacron and logrotate state outside the container to ensure its maintained across builds
236 # later move this snipped into an intialization script
237 # we also ensure all the symlinks we need to /shared are in place in the correct structure
238 # this allows us to bootstrap on one machine and then run on another
239 - file:
240 path: /etc/runit/1.d/00-ensure-links
241 chmod: +x
242 contents: |
243 #!/bin/bash
244 if [[ ! -L /var/lib/logrotate ]]; then
245 rm -fr /var/lib/logrotate
246 mkdir -p /shared/state/logrotate
247 ln -s /shared/state/logrotate /var/lib/logrotate
248 fi
249 if [[ ! -L /var/spool/anacron ]]; then
250 rm -fr /var/spool/anacron
251 mkdir -p /shared/state/anacron-spool
252 ln -s /shared/state/anacron-spool /var/spool/anacron
253 fi
254 if [[ ! -d /shared/log/rails ]]; then
255 mkdir -p /shared/log/rails
256 chown -R discourse:www-data /shared/log/rails
257 fi
258 if [[ ! -d /shared/uploads ]]; then
259 mkdir -p /shared/uploads
260 chown -R discourse:www-data /shared/uploads
261 fi
262 if [[ ! -d /shared/backups ]]; then
263 mkdir -p /shared/backups
264 chown -R discourse:www-data /shared/backups
265 fi
266
267 # change login directory to Discourse home
268 - file:
269 path: /root/.bash_profile
270 chmod: 644
271 contents: |
272 cd $home